LoveMyTool.com: Network Security, Management and Monitoring

Obsolete (by Paul W. Smith)
2018-02-16

I remember when I got my first pager. Pagers were for special people who must always be available in an emergency, and so I felt important. The feeling was short-lived. I soon realized that it could go off at any moment, compelling me to drop whatever I was doing and head for the nearest phone (smartphones had not yet obsoleted pagers). I also learned that it is critical to dress appropriately when wearing a pager, lest one be mistaken for a drug dealer.

Our culture’s intoxicating brew of cutting-edge technologies has always put forth shiny objects which feed our egos and, in some cases, speed our workflow. The not-so-hidden agenda of their creators is to make them obsolete before the revenue stream wanes. The familiar adage “technology eats its young” is not without merit.

According to the definition, an obsolete thing is outdated and therefore no longer produced or used. As a verb, the word has become a rallying cry for business leaders – our mission is to obsolete the other guy’s stuff and take his share. Cassette tapes, pagers, rotary phones, typewriters, phonographs, floppy disks – all these and many more could still perform their intended function, but products that seem good enough are never good enough for long.

You and I travel a road to obsolescence not unlike that of our stuff. We reach an age where we are at the absolute peak of a particular skill, only to begin the slow process of losing it. People who are good enough, it seems, are not good enough forever either.

Psychologists know a lot about these skills and when we acquire them. Their research, for example, tells us that learning a second language is easiest at the age of 7 or 8. This accounts for my struggles on a recent trip to Italy. My wife and I learned firsthand that a cup of tea was “molto bene” (very good), while a stunning woman would be “molto bello” (very beautiful), a crucial distinction of little value to an eight-year-old. A few years down the road, brain processing power peaks at 18. This is a good thing to remember when you are cross-examining your teenager about staying out past curfew. If they seem particularly adept at obfuscation, it’s because they are.

Jack Weinberg, a Berkeley free-speech activist in the 60’s, advised, “Never trust anyone over 30.” This has some sound basis in neuroscience. By that time, we will have passed through the peak age to remember unfamiliar names, the peak of life satisfaction, the optimal point for physical strength, and the best age to settle down in a relationship. The average elite marathoner is 28, so I personally missed that one, along with the peak age for playing chess (31).

In our 30’s through 60’s, we will peak at learning new faces and understanding other people’s emotions. We will also reach the pinnacle of our ability to focus, as well as the maximum skill level for arithmetic. We will have our best shot at winning a Nobel Prize, and achieve the highest salary of our career. It is often said that middle age is our most productive time, and the data seem to support that. It would also seem to imply that we are stumbling toward obsolescence from there on.

The data also offers a ray of hope. We all continue to grow wiser and more psychologically stable as we age. It is often said that teenagers and young adults have vitality on their side, but both men and women feel best about their bodies around age 70, which I am beginning to suspect is from some combination of resignation and denial. Nevertheless, it is reassuring that while our obsolete stuff is constantly being replaced, so are our little human skills being exchanged for the bigger gifts of wisdom and well-being.

As the second peak age for life satisfaction (69) makes a not-so-distant appearance on my radar, I am happy to report that I no longer carry a pager. My Apple Watch now taps my wrist when an important message comes in, while voicemail is transcribed and scrolls by on its little screen.

I am at peace with this, wisely observing that it is all so much better than that annoying, obsolete pager.

Author Profile - Paul W. Smith, a Founder and Director of Engineering with INVENtPM LLC, has more than 35 years of experience in research and advanced product development.

Prior to founding INVENtPM, Dr. Smith spent 10 years with Seagate Technology in Longmont, Colorado. At Seagate, he was primarily responsible for evaluating new data storage technologies under development throughout the company, and utilizing six-sigma processes to stage them for implementation in early engineering models. He is a former Adjunct Professor of Mechanical Engineering at the Colorado School of Mines, and currently manages the website “Technology for the Journey”.

Paul holds a doctorate in Applied Mechanics from the California Institute of Technology, as well as Bachelor’s and Master’s Degrees in Mechanical Engineering from the University of California, Santa Barbara.

http://www.lovemytool.com/blog/2018/02/obsolete-by-paul-w-smith.html

How TCP Works - No-Operation (by Chris Greer)
2018-02-15

Hey packet people!

If you have ever had to analyze a TCP connection, you have definitely seen a three-way handshake. In that handshake, both TCP stacks will exchange the options they are open to use for the connection. In the options field, you may also see several instances of the No-Operation value.

How does this value work? What does it mean (other than no-operation of course), and how should I interpret it?

Author Profile - Chris Greer is a Chief Packet Head for Packet Pioneer LLC and a Certified Wireshark Network Analyst. Chris regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. Chris also delivers training and develops technical content for Wireshark and for several analysis vendors.

http://www.lovemytool.com/blog/2018/02/how-tcp-works-no-operation-by-chris-greer.html

Wireshark Udemy Free Course Giveaway (by Tony Fortunato)
2018-02-13

I have been presenting, training, creating videos, articles and sharing information for over 20 years. As technology evolves, I have tried to keep up by creating LoveMyTool Google and LinkedIn groups as well as contributing to many social media technical groups/online publications.

When YouTube started becoming a source of information for technicians, I created a channel. My YouTube channel has over 330 videos covering various topics such as Microsoft operating system, Cisco, Wireless, Wireshark and other technical topics.

I will not be teaching or presenting this year (so far), so I thought I would take some of the suggestions sent to me last year. I had several requests to create some online material, so I created a "Wireshark 2 Fundamentals" class on Udemy as my first attempt. This is an introductory class for those who want to start using Wireshark or who need a refresher.

No need to be intimidated by Wireshark! Many IT analysts avoid getting into Wireshark because it seems overwhelming. You don't need a lot of experience to get up and running with Wireshark. In this course you will learn all the basics required to confidently capture, save and navigate around Wireshark's environment. I will spend some time explaining enough of the software to encourage you to use it more.

http://www.lovemytool.com/blog/2018/02/wireshark-udemy-free-course-giveaway-by-tony-fortunato.html

Scalability in Network Architecture (by Christian Ferenz)
2018-02-12

Scalability in Network Architecture

There has been a huge surge in network traffic and no industry is immune from being overwhelmed by data. Network visibility is a requirement for all industries ranging from financial corporations, telecom companies, data centres to retailers, government and healthcare. All are vulnerable to becoming constrained due to scalability issues.

With non-scalable tools, companies are limited by the number of switches and the architecture does not allow them to address all their network visibility concerns. As a result, they end up investing huge sums in changing their entire network architecture.

If a company’s existing network monitoring setup consists of a limited number of network TAPs feeding a monitoring switch, the system provides limited visibility and is not scalable. Such a system is also not capable of addressing regular microbursts in network traffic. Furthermore, the architecture generates substantial duplicate packets that the switch is not equipped to eliminate, creating challenges for monitoring. In such cases, when a company needs to install new TAPs and new port SPANs to accommodate network expansion, the old switch is not able to handle the load.

A scalable solution which offers multi-stage filtering, de-duplication and other features helps a network operate more efficiently.

Customers can ease these problems by building scalable network monitoring visibility solutions.

These are tools that can intelligently aggregate data and precisely channel it to the appropriate monitoring tools without missing or dropping data, and which provide 100-percent visibility. Instead of using several TAPs, SPANs and tools, a scalable tool can provide 100 percent visibility of all data passing through it.

With a scalable solution, it is easy to add ports to handle the change in network traffic. Network expansion is easy to accommodate if there is room to add more ports. A solution that consists of small boxes with a low port count might serve a momentary need, but in the process of fixing one problem, complexity has been added to the network.

As networks move from 1G to 10G speeds, and on to 40G and 100G speeds, data centres will need new hardware if the ports on their monitoring switches aren’t able to handle the increase. This can cause network unavailability, which can lead to dropped packets and loss of visibility. Network engineers need tools which provide an easy path to migrate to future high-speed technologies.

Author - Christian Ferenz - started his entrepreneurial journey as a measurement instrumentation distributor in 2003 and soon realized that there was a market for producing better network monitoring solutions. Along with some of his business partners, Christian established Cubro Acronet and started developing TAPs and Packet Broker lines. Within a few years, the company spread its wings in the international market.

Today Cubro is among the leading vendors of TAPs and Network Packet Brokers and partner to the world’s largest Telcos and Enterprises with installations on all continents.

http://www.lovemytool.com/blog/2018/02/scalability-in-network-architecture-by-christian-ferenz.html

2017 Sharkfest Europe - Why do vendors go to Sharkfest? (by The Oldcommguy®)
2018-02-08

2017 SharkFest Europe

10 years of SharkFest

Learning from the Professional Analysts that come to Sharkfest!

Why vendors should be at every Sharkfest!

ProfiShark and long-term capture is an example of why Vendors attend Sharkfest!

SharkFest Europe conference was a success! This year, the Wireshark conference took place in Estoril, Portugal and it didn’t disappoint, as expected. For the Profitap team, the event meant lots and lots of inspiration and interesting insights about packet analysis, network troubleshooting and network forensics.

As a vendor, they attend to learn about trends and issues from the high-quality attendees at Sharkfest.

Hey mister “want to capture a LOT of data” Like all of your data and see every frame, when you need to?

ProfiTAP Team - Geoffrey Kempenich (left) and Laurent Schirck (right)

Why Vendors at Sharkfest? – Jasper Bongertz, a Wireshark Guru, Teacher and Developer, sums it up - Having vendors showcasing their hardware and software solutions to the Sharkfest attendees is a big plus. There are always new cool things to discover and it's a great way to exchange information and experiences between solution providers and the users of their products. The audience at Sharkfest is extremely focused on all things network analysis, security, monitoring and troubleshooting, so there is no better targeting for the vendors than being present at this selective industry conference. Sharkfest is ALL ABOUT sharing and exchanging ideas!

Vendors build technology to visualize and solve complex network issues; there is no better place to show their solutions as well as gain more insight into the issues faced by real-world analysts, security experts and network engineers overall!

Example - ProfiTAP provides network monitoring tools, from high-density network TAPs and Packet Brokers to field service network troubleshooters. That’s why this conference was a must for us. Where else could we get better feedback from top network analysts than at a SharkFest event?

Profitap showcased its range of portable network troubleshooters – ProfiShark. In addition, we also presented a long-term traffic capture solution that combines the best of a ProfiShark and a NAS. This way the Wireshark community can catch an intermittent problem in the act, so they can still do their analysis on a laptop, wherever they are.

They also shared useful tips and tricks with network professionals for analyzing data with Wireshark, or our own NPM/APM software, ProfiSight.

Besides this, vendors like ProfiTAP attended live sessions presented by experienced network analysts and had the privilege to witness their way of going through packets to evaluate and identify, mitigate and secure their network.

Finally, we want to say a huge thank you to the SharkFest team. They did a great job organizing this conference, so that we can enjoy a stunning geeky event.

ProfiTAP Author - Rick van Werven has made it his mission to spread the word on the importance of network visibility. Being the starting point of every troubleshooting analysis, cybersecurity monitoring and NPM/APM scenario, total and exact visibility of the network is what makes or breaks your analysis, security or management technology. It all starts with a TAP! Rick works for ProfiTAP. www.profitap.com

http://www.lovemytool.com/blog/2018/02/2017-sharkfest-europe-why-do-vendors-got-to-sharkfest-by-the-oldcommguy.html

Figuring Out Where To Slice a Packet Using Wireshark (by Tony Fortunato)
2018-02-05
<div xmlns="http://www.w3.org/1999/xhtml"><p>There are many scenarios where packet slicing is helpful and possibly necessary.&nbsp; I covered this in a previous article, Network Protocol Analysis Tip: Packet Slicing (<a href="http://tinyurl.com/yb38lw9j">http://tinyurl.com/yb38lw9j</a>).</p>
<p>To summarize, here are some examples or scenarios where you should consider packet slicing:</p>
<ul>
<li>The data is not useful or unreadable/encrypted</li>
<li>To conserve disk space or reduce your trace file size</li>
<li>Legal issues around the payload of captured packets</li>
<li>Reduce load on your capture device. Some packet capture tools are less likely to drop packets when packets are sliced.</li>
</ul>
<p>David K, one of my YouTube subscribers, asked a great question, “… How could one do that? …”. I thought it was a great question, since there are times when I assume the reader knows how to do this.</p>
<p>In this video I cover how to figure out the packet slicing value for an HTTP GET command and the destination MAC address.&nbsp; From these two examples, the reader should be able to calculate any other packet slice value.</p>
<p>Please keep in mind that you should always go through this process to determine the packet slice value or offset. This offset may change depending on the network or application so don’t assume the packet slice value will remain the same.</p>
<p class="asset-video" style="text-align: center;"><iframe width="459" height="344" src="https://www.youtube.com/embed/OgewQwNhWEw?feature=oembed" frameborder="0" gesture="media" allow="encrypted-media" allowfullscreen=""></iframe></p>
</div>
http://www.lovemytool.com/blog/2018/02/figuring-out-where-to-slice-a-packet-using-wireshark-by-tony-fortunato.html